Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-26584

Published: 21/02/2024 Updated: 30/04/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRESS in valid situations. For example, when the cryptd queue for AESNI is full (easy to trigger with an artificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued to the backlog but still processed. In that case, the async callback will also be called twice: first with err == -EINPROGRESS, which it seems we can just ignore, then with err == 0. Compared to Sabrina's original patch this version uses the new tls_*crypt_async_wait() helpers and converts the EBUSY to EINPROGRESS to avoid having to modify all the error handling paths. The handling is identical.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Amazon Linux 2: ALASKERNEL-5.4-2024-065
A flaw was found in the smb client in the Linux kernel A potential out-of-bounds error was seen in the smb2_parse_contexts() function Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts() (CVE-2023-52434) In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify an ...
Amazon Linux 2: ALASKERNEL-5.15-2024-043
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg)may exit as soon as the async crypto handler calls complete()so any code past that point risks touching already freed data Try to avoid the locking and extra flags altogethe ...
Amazon Linux 2: ALASKERNEL-5.10-2024-057
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg)may exit as soon as the async crypto handler calls complete()so any code past that point risks touching already freed data Try to avoid the locking and extra flags altogethe ...

References

CWE-755https://git.kernel.org/stable/c/8590541473188741055d27b955db0777569438e3https://git.kernel.org/stable/c/13eca403876bbea3716e82cdfe6f1e6febb38754https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694https://git.kernel.org/stable/c/cd1bbca03f3c1d845ce274c0d0a66de8e5929f72https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-065.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoofCVE-2024-34928CVE-2024-5291deserializationCVE-2024-4471CVE-2024-4956CVE-2024-32002CVE-2024-5227unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook